Legal claims defining the scope of protection, as filed with the USPTO.
1. A system comprising: a plurality of security protocol information, each associated with a different one of a plurality of users, stored to computer-readable medium, the security protocol information for use in enabling bi-directionally secure communication between pairs of said plurality of users; predefined rules stored to computer-readable medium; at least one management server, said server operable to autonomously determine, from said predefined rules, ones of said plurality of users who are members of a secure communication group; and said at least one management server further operable to distribute, to each of said ones of said plurality of users who are members of said secure communication group, said security protocol information associated with each other of said plurality of users who are members of said secure communication group.
2. The system of claim 1 wherein said bi-directionally secure communication comprises communication using two or more one-way directionally secure protocols.
3. The system of claim 1 wherein said security protocol information associated with one of said plurality of users comprises a digital certificate authenticating said one of said plurality of users with whom said security protocol information is associated.
4. The system of claim 3 wherein said security protocol information uses a public key encryption scheme.
5. The system of claim 4 further comprising an authentication step before a private key in said public key encryption scheme can be accessed.
6. The system of claim 5 wherein the authentication step includes verification of the condition of a physical item.
7. The system of claim 1 wherein said management server manages user accounts for said users.
8. The system of claim 7 wherein said at least one management server determines said ones of said plurality of users who are members of said secure communication group based at least in part on account status of said users.
9. The system of claim 7 wherein said at least one management server determines said ones of said plurality of users who are members of said secure communication group based at least in part on information identifying user accounts with one or more secure communication groups.
10. The system of claim 1 further comprising a second management server in communication with said at least one management server.
11. A system for managing bi-directional authentication comprising: a plurality of security protocol information, each of said plurality of security protocol information comprising information for authenticating a different one of two or more subscribing users, said security protocol information stored to a computer-readable medium; at least one server comprising a subscription manager, said subscription manager operable for autonomously managing distribution of said security protocol information among said users according to a set of rules defined for a user group, said set of rules stored to a computer-readable medium, wherein said server distributes, based on said set of rules, said security protocol information for authenticating each user of said user group to every other user of said user group, said distributed information permitting bi-directional authentication between ones of said users of said user group.
12. The system of claim 11 wherein said server distributes to at least a portion of said user group, based on said set of rules, updates to said security protocol information.
13. The system of claim 12 wherein said distributing updates comprises distributing changes in said information or account status for at least one of said users of said user group to other ones of said users of said user group, based on said set of rules.
14. The system of claim 13 wherein said changes comprise the addition of a new user account.
15. The system of claim 13 wherein said changes comprise the removal of authentication privileges for a user account.
16. The system of claim 11 wherein said security protocol comprises information that uniquely identifies each of said user accounts.
17. The system of claim 16 wherein said information comprises a digital certificate.
18. The system of claim 16 wherein said protocol uses a public key encryption scheme.
19. The system of claim 18 further comprising an authentication step before a private key in said public key encryption scheme can be accessed.
20. The system of claim 19 wherein the authentication step includes verification of the condition of a physical item.
21. The system of claim 11 wherein said bi-directional authentication comprises one-way authentication in each of two directions.
22. The system of claim 11 wherein one of said users obtains said information for at least one other of said users from said server.
23. The system of claim 11 wherein one of said users identifies criteria to the server for receiving said information for at least one other of said users.
24. The system of claim 23 wherein said criteria includes at least one characteristic of said users.
25. The system of claim 24 wherein said at least one characteristic includes at least one selected from the group consisting of: location, business relationship, and physical condition.
26. A method of distributing security protocol information for bi-directionally secure communication, said method comprising: subscribing a plurality of users; maintaining a database of currently-subscribed users; generating security protocol information for said plurality of currently-subscribed users; maintaining a set of rules stored to computer-readable medium, said rules governing distribution of said security protocol information among said plurality of currently-subscribed users; autonomously determining by a server, for ones of said currently-subscribed users, selected others of said currently-subscribed users for whom said security protocol information is desired, wherein said determining is based at least in part on said rules; and autonomously distributing, from said server to said ones of said currently-subscribed users, said security protocol information for said selected others.
27. The method of claim 26 wherein said security protocol information comprises digital certificates.
28. The method of claim 27 further comprising: updating said rules for newly added ones of said users.
29. The method of claim 27 further comprising: updating said rules when ones of said users have a change in status.
30. A method of operating a server for managing secure communication, said method comprising: generating security protocol information for each one of a plurality of subscribers; maintaining rules for managing subscriber accounts; autonomously determining, using said rules, a first group of said subscribers and a second group of said subscribers, wherein said security protocol information for each subscriber in said first group is to be distributed to each subscriber in said second group; and autonomously distributing said security protocol information according to said determination.
31. The method of claim 30 wherein said security protocol information comprises digital certificates.
32. The method of claim 31 wherein said server manages key pairs for said digital certificates.
33. The method of claim 30 further comprising: updating said rules when ones of said subscribers have a change in status.
34. The method of claim 30 wherein said server is a distributed server.
35. The method of claim 30 wherein said communication uses the Internet.
36. The method of claim 30 further comprising: accepting requests from ones of said subscribers, wherein said determining includes analyzing said requests using said rules.
37. The method of claim 30 further comprising: requiring authentication before allowing ones of said subscribers to access said server.
38. The method of claim 37 wherein said authentication uses the Java Authentication and Authorization Service model.
39. The method of claim 30 further comprising: autonomously issuing trust revocation notices for selected ones of said subscribers to selected others of said subscribers.
40. The method of claim 30 further comprising: maintaining said subscribers as members in one or more user groups.
41. The method of claim 40 further comprising: assigning roles to each of said subscribers according to membership in said user groups.
42. Computer-executable software code, embodied on a computer-readable medium, wherein when said code is executed by a processor-based device it causes the processor-based device to perform a method comprising: generating a plurality of security protocol information, each associated with a different one of a plurality of users, said security protocol information stored to computer-readable medium; maintaining predefined rules stored to computer-readable medium, said rules governing distribution of said security protocol information among said plurality of users; determining from said predefined rules, for ones of said users, selected others of said users for whom said security protocol information is desired; and autonomously distributing to said ones of said users said security protocol information for said selected others.
43. The code of claim 42 wherein said security protocol information comprises digital certificates.
44. The code of claim 42, the method further comprising: maintaining a database of said currently-subscribed users.
45. The code of claim 42, the method further comprising: maintaining said set of rules governing said distribution of said protocol information.
46. The code of claim 42, the method further comprising: updating said rules for newly added ones of said users.
47. The code of claim 42, the method further comprising: updating said rules when ones of said users have a change in status.
48. The code of claim 42, the method further comprising: autonomously issuing trust revocation notices for selected ones of said subscribers to selected others of said subscribers.
49. A method of operating a server for managing secure communication, said method comprising: maintaining a database of a plurality of subscribers; generating security protocol information for each one of said plurality of subscribers; maintaining rules, stored to computer-readable medium, governing distribution of said security protocol information among said plurality of subscribers; autonomously determining, using said rules, a first group of said subscribers and a second group of said subscribers, wherein said security protocol information for each subscriber in said first group is to be distributed to each subscriber in said second group; and autonomously distributing said security protocol information according to said determination.
50. A method of managing distribution of security protocol information for bi-directionally secure communication, said method comprising: maintaining as computer-readable data stored to a computer-readable medium identification of users who are members of a group, said group being a plurality of said users who desire to perform bi-directionally secure communication with each other; generating a plurality of security protocol information, each associated with a different one of the plurality of users, said security protocol information stored to computer-readable medium; maintaining a set of rules stored to computer-readable medium, said rules governing distribution of said security protocol information among members of said group; and autonomously managing, by a server, distribution of said security protocol information among members of said group in accordance with said rules.
51. The method of claim 50 wherein said autonomously managing further comprises: receiving, by said server, a request to add a prospective user as a member of said group; generating security protocol information associated with said prospective user, said security protocol information stored to computer-readable medium; and responsive to acceptance of the prospective user as a member of said group, said server autonomously distributing to members of the group the security protocol information associated with the accepted prospective user in accordance with said rules, and said server autonomously distributing to the accepted prospective user the security protocol information associated with the members of the group in accordance with said rules.
52. The method of claim 50 wherein said rules comprise user preferences defined for one or more of said members.
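As an added illustration, not code from the patent or from any implementation of it, the following Python model sketches the management server the claims describe: predefined rules (claims 1, 11, 30) decide whose certificate is distributed to whom, account status governs group membership (claims 8, 15), a newly accepted member exchanges certificates with the existing members (claim 51), and a status change produces trust-revocation notices to everyone who held the affected certificate (claim 39). User names, the certificate strings and the group rules are constructed sample data.

```python
from dataclasses import dataclass, field


@dataclass
class User:
    name: str
    cert: str                 # constructed placeholder for the user's digital certificate
    status: str = "active"    # account status; "revoked" removes authentication privileges
    groups: set = field(default_factory=set)


@dataclass
class Rule:
    source_group: str   # certificates of active members of this group ...
    target_group: str   # ... are distributed to active members of this group


class ManagementServer:
    def __init__(self, rules):
        self.users = {}
        self.rules = rules
        self.notices = []   # (recipient, revoked user) trust-revocation notices

    def add_user(self, user):
        """Accept a subscriber; the next distribution() includes them (claim 51)."""
        self.users[user.name] = user

    def members(self, group):
        return [u for u in self.users.values() if group in u.groups and u.status == "active"]

    def distribution(self):
        """Map recipient -> {sender: cert} as the rules dictate; own cert is never sent."""
        out = {u.name: {} for u in self.users.values() if u.status == "active"}
        for rule in self.rules:
            for src in self.members(rule.source_group):
                for dst in self.members(rule.target_group):
                    if src.name != dst.name:
                        out[dst.name][src.name] = src.cert
        return out

    def revoke(self, name):
        """Status change: notify every prior holder of the cert, then recompute distribution."""
        before = self.distribution()
        self.users[name].status = "revoked"
        self.notices.extend((r, name) for r, certs in before.items() if name in certs)
        return self.distribution()


def demo():
    # Constructed rules: eng members see each other; audit receives eng certs one-way.
    srv = ManagementServer([Rule("eng", "eng"), Rule("eng", "audit")])
    for name, groups in [("alice", {"eng"}), ("bob", {"eng"}), ("carol", {"audit"})]:
        srv.add_user(User(name, f"CERT-{name}", groups=groups))
    first = srv.distribution()
    after = srv.revoke("bob")
    return first, after, srv.notices
```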
June 29, 2010